package com.xixibaby.core.auth;


import com.xixibaby.core.login.LoginInfoVO;
import com.xixibaby.core.Assert;
import org.springframework.http.HttpHeaders;
import org.springframework.http.server.reactive.ServerHttpRequest;

import java.util.ArrayList;
import java.util.List;

/**
 * 运营平台权限管理
 *
 */
public abstract class AuthCenter {
    private static final String NULL = "null";

    /**
     * 此处以后改成文件方式
     */
    private List<String> excludeUrl;

    public void setExcludeUrl(List<String> excludeUrl) {
        this.excludeUrl = excludeUrl;
    }

    protected void excludeUrl(String url){
        this.excludeUrl.add(url);
    }

    public boolean isExcludeUrr(ServerHttpRequest request){
        return excludeUrl.contains(request.getPath().toString());
    }

    public boolean support(ServerHttpRequest request) {
        String s = request.getPath().toString();
        if(excludeUrl.contains(s)){
            return true;
        }
        HttpHeaders headers = request.getHeaders();

        boolean hashAuth = headers.containsKey(AuthConstant.AUTH_HEAD_KEY);
        if(!hashAuth){
           return false;
        }

        String authorization = headers.getFirst(AuthConstant.AUTH_HEAD_KEY);
        if(Assert.empty(authorization) ||  NULL.equals(authorization)){
            return false;
        }

        boolean hashPlatform = headers.containsKey(AuthConstant.PLATFORM_HEAD_KEY);
        if(!hashPlatform){
            return false;
        }

        String platform = headers.getFirst(AuthConstant.PLATFORM_HEAD_KEY);
        if(Assert.empty(platform)){
            return false;
        }

        LoginInfoVO loginInfoVO = LoginInfoVO.toVO(authorization);
        if(!loginInfoVO.getPlatform().toString().equals(platform)){
            return false;
        }

        return this.support(loginInfoVO,s);
    }

    /**
     * 俩个唯独   验证session是否存在
     * 验证session的uid是否是同一个人
     */
    public abstract boolean support(LoginInfoVO auth,String url);

}
